American Electric Power — Cyber Attacks, Breaches & Threat Activity

Threat entity extracted from intelligence sources

Frequency
2
occurrences
First Seen
January 2, 2026
Last Seen
January 6, 2026

American Electric Power is a organization tracked across 2 threat clusters and 2 intelligence report mentions on ThreatCluster. First observed January 2, 2026; most recent activity January 6, 2026.

Overview

American Electric Power (AEP) is a large U.S. electric utility operator serving multiple states and delivering critical energy infrastructure. In cybersecurity discussions, utilities are high-value targets, and recent articles emphasize credential-based breaches when MFA is not enabled and the risk of illicit data trade around utility information.

Related Threat Clusters

  • Cybercriminal Offers Breached Utility Data for Sale

    A cybercriminal claims to have breached Pickett and Associates, a Florida-based engineering firm, and is attempting to sell 139 GB of engineering data related to major US utilities, including Tampa Electric Company,…

    3 articles · Updated January 2, 2026
  • MFA Lapses Lead to Data Theft of 50 Organizations

    A major infostealer campaign has compromised sensitive data from 50 global enterprises, with the data available for sale on the dark web. Victims include firms such as Pickett and Associates, Sekisui House, and Iberia.…

    4 articles · Updated January 6, 2026

Recent Intelligence Reports

  • One criminal, 50 hacked organizations, and all because MFA wasn't turned on — Theregister · January 6, 2026
  • Cybercrook claims to sell critical info about utilities — Theregister · January 2, 2026

CVSS v3.1 Breakdown